Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/eklI2wZ5H2o_gQq9mmCyYNANqQM.roa
File: eklI2wZ5H2o_gQq9mmCyYNANqQM.roa (raw, json)
Hash identifier: 872h+d87qN0X4kpxdDFFCLBdMsFLLILjePG59mq6+hM=
Subject key identifier: 7A:49:48:DB:06:79:1F:6A:3F:81:0A:BD:9A:60:B2:60:D0:0D:A9:03
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 0198D05BFAB2513B2E4785106E6B9522FDFC
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/eklI2wZ5H2o_gQq9mmCyYNANqQM.roa
Signing time: Fri 22 Aug 2025 05:59:05 +0000
ROA not before: Fri 22 Aug 2025 05:59:05 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 21840
IP address blocks: 31.57.59.0/24 maxlen: 24
31.57.229.0/24 maxlen: 24
31.58.101.0/24 maxlen: 24
31.58.221.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.mft
rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:d0:5b:fa:b2:51:3b:2e:47:85:10:6e:6b:95:22:fd:fc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Aug 22 05:59:05 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7a4948db06791f6a3f810abd9a60b260d00da903
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:a6:4c:c9:f6:8f:61:8c:74:e7:d3:6b:e0:d8:
ce:f2:4d:de:5c:53:76:26:43:93:f7:59:25:f4:a8:
60:c5:b6:91:5f:ab:c2:26:48:00:d8:e5:a7:49:16:
a6:49:85:db:40:90:8d:dd:13:13:57:55:37:80:72:
91:fb:9f:27:a5:34:5b:cc:5f:65:b1:cf:05:99:38:
28:51:a1:81:2b:11:eb:c3:fa:f1:c3:ac:3a:14:4b:
60:ee:c5:85:c6:f3:58:e2:f2:a1:20:1d:f3:b4:a6:
cc:7a:27:00:f0:d2:09:d1:8d:c3:b4:dc:b4:36:5d:
c3:15:ee:b5:7c:f3:d8:05:30:11:63:23:51:8a:69:
e9:21:38:c6:c3:aa:4a:40:8b:bc:c5:ce:30:21:98:
d4:82:bd:37:06:b1:fe:24:15:99:04:c4:48:e9:6f:
2e:4e:86:ef:f5:db:2d:2c:73:d3:6c:bc:37:1c:73:
42:78:f4:a6:58:03:97:af:a7:f3:b5:64:39:49:22:
2d:39:b8:ef:31:73:58:76:3d:c2:04:0f:7b:dd:bb:
40:25:0e:1e:5c:29:c6:77:2d:51:f9:b7:10:73:03:
51:09:f2:54:28:65:01:b4:ef:f7:b4:a5:a4:a2:53:
d1:57:fa:f2:98:e6:dd:1e:da:77:4a:52:3f:20:25:
bf:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:49:48:DB:06:79:1F:6A:3F:81:0A:BD:9A:60:B2:60:D0:0D:A9:03
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/eklI2wZ5H2o_gQq9mmCyYNANqQM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.57.59.0/24
31.57.229.0/24
31.58.101.0/24
31.58.221.0/24
Signature Algorithm: sha256WithRSAEncryption
45:4a:77:4e:c2:a8:34:e1:04:8a:30:40:b6:a0:49:c3:4a:39:
3e:48:fc:e0:14:0a:5d:82:d5:b8:22:8d:ef:e7:0a:7b:c5:9b:
f6:6d:38:64:8d:f9:51:c2:89:fc:1d:1a:53:30:59:89:82:4c:
c8:0f:b9:1c:19:51:b7:e6:d2:6e:a5:4f:06:e9:4b:79:40:c1:
67:03:2d:12:ab:b1:a8:7c:b4:cb:a4:6c:db:52:a7:9a:53:b6:
74:9b:ea:c5:1a:4b:36:73:69:05:79:6b:c1:a5:73:78:ad:31:
8b:4a:b3:76:c6:a3:a8:07:df:17:30:79:2b:e2:ac:8c:61:a8:
c2:8a:99:73:b3:41:d3:1b:71:b3:f8:fe:a8:06:fe:d5:89:dc:
d1:42:b8:b0:6f:16:65:35:d9:74:67:8f:95:04:71:5c:2e:31:
6c:40:05:9e:ce:f6:b8:db:4e:da:6a:51:10:c8:65:fe:b2:1c:
d7:f8:59:ae:cf:ed:d7:11:09:72:64:f8:f2:fa:8f:be:e9:2c:
40:ad:ed:a8:5e:11:7d:3e:d1:78:e7:60:c1:b3:0b:e3:ad:fc:
2d:8b:41:73:c6:4e:bb:11:c9:ef:6e:16:98:5c:f7:e4:82:a4:
32:db:dd:b1:81:6c:6b:e2:21:38:93:e9:8c:bc:20:2a:94:03:
66:03:00:91
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZjQW/qyUTsuR4UQbmuVIv38MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjUwODIyMDU1OTA1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YTQ5NDhkYjA2NzkxZjZhM2Y4MTBhYmQ5YTYwYjI2MGQwMGRhOTAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiqZMyfaPYYx059Nr4NjO8k3eXFN2
JkOT91kl9KhgxbaRX6vCJkgA2OWnSRamSYXbQJCN3RMTV1U3gHKR+58npTRbzF9l
sc8FmTgoUaGBKxHrw/rxw6w6FEtg7sWFxvNY4vKhIB3ztKbMeicA8NIJ0Y3DtNy0
Nl3DFe61fPPYBTARYyNRimnpITjGw6pKQIu8xc4wIZjUgr03BrH+JBWZBMRI6W8u
Tobv9dstLHPTbLw3HHNCePSmWAOXr6fztWQ5SSItObjvMXNYdj3CBA973btAJQ4e
XCnGdy1R+bcQcwNRCfJUKGUBtO/3tKWkolPRV/rymObdHtp3SlI/ICW/twIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFHpJSNsGeR9qP4EKvZpgsmDQDakDMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvZWtsSTJ3WjVIMm9fZ1FxOW1tQ3lZTkFOcVFNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAHzk7AwQA
HznlAwQAHzplAwQAHzrdMA0GCSqGSIb3DQEBCwUAA4IBAQBFSndOwqg04QSKMEC2
oEnDSjk+SPzgFApdgtW4Io3v5wp7xZv2bThkjflRwon8HRpTMFmJgkzID7kcGVG3
5tJupU8G6Ut5QMFnAy0Sq7GofLTLpGzbUqeaU7Z0m+rFGks2c2kFeWvBpXN4rTGL
SrN2xqOoB98XMHkr4qyMYajCiplzs0HTG3Gz+P6oBv7VidzRQriwbxZlNdl0Z4+V
BHFcLjFsQAWezva4207aalEQyGX+shzX+Fmuz+3XEQlyZPjy+o++6SxAre2oXhF9
PtF452DBswvjrfwti0Fzxk67EcnvbhaYXPfkgqQy292xgWxr4iE4k+mMvCAqlANm
AwCR
-----END CERTIFICATE-----
Generated at Sat Aug 23 13:39:37 2025 by rpki-client